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1 LISTING OF THE CLAIMS 

2 CLAIMS 

3 What is claimed is: 

4 1 . (currently amended) A method comprising: 

5 employing at least one system for differentiating at least one service class in a kernel providing 

6 service differentiation as a kernel service based on application level information, and using service 

7 differentiation to provide different levels of quality of service for system performance to users to 

8 perform service differentiation based on content in at least one data packet for connections 

9 accepted in said at least one system, the step of employing providing content aware application 

10 header-based service differentiation in a Web server which communicates with clients over a 

11 network protecting the Web server against overload by controlling the amount and rate of work 

1 2 entering the system, and the step of employing including the steps of: 

13 capturing said at least one data packet until a complete application header is detected; 

14 parsing said complete application header to determine at least one application tag within the 

15 kernel which include classification and action rules ; 

16 matching said at least one application tag to at least one matching rule; 

17 determining a presence of at least one application tag match with said at least one matching rule; 

18 and 

19 performing service differentiation action based on said at least one matching rule in order to 

20 provide a particular level of service from said different levels of service ; and 

21 deleting and adding rules based upon a user request. 
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1 2. (previously presented) A method as in claim 1, wherein said at least one application tag 

2 includes at least one tag taken from a group of tags including: URI, cookie, request method, 

3 HTTP version, a tag in an application protocol. 

4 3. (previously presented) A method as in claim 1, wherein said at least one application tag is a 

5 URI, and wherein the URI is the second string in a HTTP header as defined in the an application 

6 protocol. 

7 4. (previously presented) A method as in claim 1, further comprising employing a table having 

8 said at least one matching rule based on application layer information. 

9 5. (previously presented) A method as in claim 1, wherein the step of determining includes finding 

10 a best match of content for application layer information. . 

11 6. (previously presented) A method as in claim 1, wherein said step of performing service 

12 differentiation action includes at least one action taken from a group of actions including: rate 

13 controlling scheduling connections, monitoring, request prioritization, and a policing action. 

14 7. (previously presented) A method as in claim 1, wherein said step of performing service 

1 5 differentiation action includes an action of dropping, and wherein said action of dropping includes 

16 discarding a connection based on rules that are created to provide better performance to the 

17 connections that are accepted. 

18 8. (original) A method as in claim 6, wherein said action includes at least one act taken from a 

19 group of acts including: sending a reset message, sending an application return code, determining 

20 compliance with a given rate and/or burst, prioritization, weighted round robin, round robin, 

21 ordering, recording statistics, performing a cleanup, and protocol control. 
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1 9. (previously presented) A method as in claim 1, further comprising installing at least one 

2 matching rule to provide a higher level of system performance for higher classed packets and 

3 connections based on application layer information. 

4 10. (currently amended) A method as in claim 1, further comprising detecting establishment of a 

5 new connection for the purpose of service differentiation based on application layer information 

6 and providing admission control and service differentiation based on connection and application 

7 level information . 

8 11. (previously presented) A method as in claim 10, wherein said step of detecting includes 

9 establishing of a new TCP connection and detecting for the purpose of service differentiation 

10 based on application layer information. 

11 12. (previously presented) A method as in claim 1 1 , wherein said step of establishing of a new 

12 TCP connection includes for application header based service differentiation: receiving SYN 

13 packet; sending SYN-ACK packet; deferring accept; receiving ACK for SYN-ACK packet; and 

1 4 deferring notification of data packet. 

1 5 using the 3 -way handshake. 

16 13. (original) A method as in claim 1, wherein said step of capturing includes detecting application 

17 header delimiters for said at least one data packet. 

18 14. (previously presented) An apparatus comprising a service differentiation module employing at 

19 least one system for differentiating at least one service class in a kernel providing service 

20 differentiation as a kernel service based on application level information, and using service 

21 differentiation to provide different levels of quality of service for system performance to users for 

22 connections accepted in said at least one system, and providing content aware application 

23 header -based service differentiation in a server which communicates with clients over a network 

24 protecting the server against overload by controlling the amount and rate of work entering the 

25 system, and the step of employing includes i ncluding 
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1 said module including a tangible computing medium enabling functions of: 

2 provides admission control and service differentiation based on connection and application 

3 level information 

4 a parser to parse a client Web request; 

5 a classifier to classify the request based on application headers and assigning a request class within 

6 a kernel; 

7 a selector to determine an action rule based on the request class; and 

8 a performer to apply the action rule based on the request class in order to provide better system 

9 performance for higher classed packets and connections. 

10 15. (withdrawn) An apparatus comprising a policy agent, said policy agent including: 

1 1 a communicator to communicate from a user space to a kernel with an application interface; 

12 an initializer to instantiate service differentiation rules for an application tag within the kernel 

13 which include classification and action rules; and 

14 a manager to delete and update rules on a user request. 

15 16. (withdrawn) A method comprising: 

16 forming a rule, including the steps of: 

17 communicating from a user space to a kernel with an application interface; 

1 8 instantiating service differentiation rules for an application tag within the kernel which include 

19 classification and action rules; and 
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1 deleting and adding rules based upon a user request. 

2 17. (withdrawn) A method as in claim 16, further comprising updating rules based upon a user 

3 request. 

4 18. (original) An article of manufacture comprising a computer usable medium having computer 

5 readable program code means embodied therein for causing service differentiation, the computer 

6 readable program code means in said article of manufacture comprising computer readable 

7 program code means for causing a computer to effect the steps of claim 1 . 

8 19. (original) A program storage device readable by machine, tangibly embodying a program of 

9 instructions executable by the machine to perform method steps for service differentiation, said 

10 method steps comprising the steps of claim 1. 

1 1 20. (previously presented) A computer program product comprising a tangible computer usable 

12 medium having computer readable program code means embodied therein for causing service 

13 differentiation, the computer readable program code means in said computer program product 

14 comprising computer readable program code means for causing a computer to effect the functions 

15 of claim 14. 

16 21 . (withdrawn) A computer program product comprising a computer usable medium having 

17 computer readable program code means embodied therein for causing rule installation, the 

18 computer readable program code means in said computer program product comprising computer 

19 readable program code means for causing a computer to effect the functions of claim 15. 

20 22. (currently amended) An apparatus comprising a computing medium enabling at least one 

21 function of: 
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1 means for employing at least one system for differentiating at least one service class in a kernel to 

2 perform service differentiation based on content in at least one data packet for connections 

3 accepted in said at least one system, the means for employing providing content aware application 

4 header-based service differentiation in servers which communicate with clients over a network 

5 protecting a Web server against overload by controlling the amount and rate of work entering the 

6 system, and the means for employing comprising: 

7 means for capturing said at least one data packet until a complete application header is detected; 

8 means for parsing said complete application header to determine at least one application tag; 

9 means for matching said at least one application tag to at least one matching rule; 

10 means for determining a presence of at least one application tag match with said at least one 

1 1 matching rule; and 

12 means for performing quality of service differentiation action based on said at least one matching 

13 rule. 

14 23. (previously presented) A computer program product comprising a tangible computer usable 

15 medium having computer readable program code means embodied therein for causing 

16 differentiation of at least one service class in a kernel, the computer readable program code 

17 means in said computer program product comprising computer readable program code means for 

18 causing a computer to effect the functions of claim 22. 



DOCKET NUMBER: YOR920010561US2 



7/25 



